Video Description

In the second and concluding video in Module 6, Dean presents several more NIST documents and highlights key areas of each. The first is a more recent doc that's still in draft mode: NIST SP 800-154. This guide is more focused on systems rather than threats and deals with attacks and the vectors they target and the methodology, controls, and countermeasures to defend against them. NIST SP 800-150 is another recent and shorter doc that deals with info sharing. It discusses the value of a threat analyst and how they interact with management. It also covers identifying stakeholders, producers, and consumers and the scope of info sharing among them. Dean also discusses change management and security posture and draws the analogy with castle defenses such as a most and draw bridge. Change management is concerned with identifying and inventorying assets and though tedious, is an essential, foundational step. The video concludes with a discussion about incident response documents and how assets feed into them. Compliance audits are also mentioned and their importance is the protection of assets.

Course Modules

Intro to Cyber Threat Intelligence

Module 8 - Tactical Threat Intelligence Requirements

Module 12 - Summary